Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/mKOIzkPF2jXncBUlzC8bJsXDTcw.roa
File: mKOIzkPF2jXncBUlzC8bJsXDTcw.roa (raw, json)
Hash identifier: 73ckHiPL9nDzFDLAievVytoENCqspYL21jch3IdHRNw=
Subject key identifier: 98:A3:88:CE:43:C5:DA:35:E7:70:15:25:CC:2F:1B:26:C5:C3:4D:CC
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0195471FD2F91E352AD93C11B6B621E28090
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/mKOIzkPF2jXncBUlzC8bJsXDTcw.roa
Signing time: Thu 27 Feb 2025 11:17:02 +0000
ROA not before: Thu 27 Feb 2025 11:17:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12586
IP address blocks: 5.83.128.0/19 maxlen: 32
5.83.128.0/20 maxlen: 32
5.83.136.0/24 maxlen: 24
5.83.139.0/24 maxlen: 24
5.83.151.0/24 maxlen: 32
5.83.156.0/24 maxlen: 24
5.83.157.0/24 maxlen: 24
5.175.128.0/24 maxlen: 32
5.175.129.0/24 maxlen: 32
5.175.130.0/24 maxlen: 32
5.175.131.0/24 maxlen: 32
5.175.133.0/24 maxlen: 32
5.175.218.0/24 maxlen: 32
5.175.219.0/24 maxlen: 32
5.175.225.0/24 maxlen: 32
5.175.226.0/24 maxlen: 32
5.175.227.0/24 maxlen: 32
5.175.228.0/24 maxlen: 32
5.175.229.0/24 maxlen: 32
5.175.230.0/24 maxlen: 32
5.175.231.0/24 maxlen: 32
5.175.232.0/24 maxlen: 32
5.175.235.0/24 maxlen: 32
5.175.240.0/24 maxlen: 32
5.175.241.0/24 maxlen: 32
5.175.242.0/24 maxlen: 32
5.175.243.0/24 maxlen: 32
5.175.244.0/24 maxlen: 32
5.175.251.0/24 maxlen: 32
5.175.252.0/24 maxlen: 32
5.175.253.0/24 maxlen: 32
5.175.254.0/24 maxlen: 32
5.175.255.0/24 maxlen: 32
5.230.0.0/15 maxlen: 32
5.230.6.0/24 maxlen: 32
5.230.11.0/24 maxlen: 32
5.230.102.0/24 maxlen: 32
5.230.224.0/24 maxlen: 32
5.231.24.0/24 maxlen: 24
5.231.61.0/24 maxlen: 24
5.231.104.0/24 maxlen: 24
5.231.254.0/24 maxlen: 24
77.90.0.0/18 maxlen: 32
77.90.15.0/24 maxlen: 24
83.243.80.0/21 maxlen: 32
85.93.0.0/19 maxlen: 32
85.93.5.0/24 maxlen: 24
85.93.20.0/24 maxlen: 32
85.118.160.0/21 maxlen: 32
87.239.128.0/21 maxlen: 32
89.106.64.0/19 maxlen: 32
89.106.69.0/24 maxlen: 24
89.144.0.0/18 maxlen: 32
89.144.30.0/24 maxlen: 24
89.144.31.0/24 maxlen: 24
94.103.160.0/20 maxlen: 32
94.103.164.0/24 maxlen: 24
94.249.128.0/17 maxlen: 32
94.249.138.0/24 maxlen: 24
94.249.214.0/24 maxlen: 24
95.215.32.0/22 maxlen: 32
178.18.144.0/20 maxlen: 32
178.18.151.0/24 maxlen: 32
185.13.156.0/22 maxlen: 32
185.13.159.0/24 maxlen: 24
185.47.140.0/24 maxlen: 32
185.47.141.0/24 maxlen: 32
185.47.143.0/24 maxlen: 24
185.121.71.0/24 maxlen: 32
193.28.251.0/24 maxlen: 32
195.110.14.0/23 maxlen: 32
217.69.160.0/20 maxlen: 32
217.69.167.0/24 maxlen: 24
217.69.170.0/24 maxlen: 24
2a00:12d8::/29 maxlen: 128
2a00:19d0::/29 maxlen: 128
2a00:cdc0::/32 maxlen: 128
2a01:bd40::/29 maxlen: 128
2a02:7a0::/29 maxlen: 128
2a02:2fc0::/29 maxlen: 128
Validation: Failed, certificate revoked on Thu 27 Feb 2025 16:02:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:47:1f:d2:f9:1e:35:2a:d9:3c:11:b6:b6:21:e2:80:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Feb 27 11:17:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=98a388ce43c5da35e7701525cc2f1b26c5c34dcc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:39:93:27:f6:09:09:13:1a:9a:23:c5:f1:45:
81:11:8c:1c:bd:4c:fe:20:68:c2:3d:0d:03:14:a3:
14:e8:98:d0:8f:7b:10:9f:70:15:43:ed:de:96:5f:
04:25:99:e7:01:6d:da:9c:36:c5:f9:6b:bd:a2:dc:
5d:8b:95:6f:17:8e:0c:19:eb:13:9b:cc:a4:7d:af:
98:4f:ab:29:75:c7:1b:52:78:94:05:e4:e4:6e:b9:
64:24:d3:59:b7:60:1c:91:b6:0e:a8:27:14:76:8a:
78:7e:79:61:ef:a1:32:35:2c:e8:9c:cf:3b:db:db:
7f:0b:3c:1e:0e:fb:41:c4:3c:67:9f:6c:56:b0:be:
c2:9f:c4:ad:a8:89:c9:11:f5:6a:80:27:66:d2:ab:
62:72:96:36:10:04:87:e0:ac:70:3c:dc:12:3a:e4:
7a:de:7f:42:33:0b:62:c9:6e:6a:12:46:56:c0:2b:
b8:0f:7d:8a:56:1e:9c:92:f9:4d:cd:6a:9a:19:fa:
e0:54:a4:71:d1:14:0e:75:13:d6:53:c0:d1:95:7b:
44:e8:3d:a6:6b:b7:47:0b:28:16:28:7d:2a:72:74:
0c:dc:96:44:e3:04:dd:09:98:56:32:e9:bb:db:0e:
d4:4a:c1:17:22:4c:72:e0:74:d3:ea:f3:91:03:55:
00:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:A3:88:CE:43:C5:DA:35:E7:70:15:25:CC:2F:1B:26:C5:C3:4D:CC
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/mKOIzkPF2jXncBUlzC8bJsXDTcw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.128.0/19
5.175.128.0/22
5.175.133.0/24
5.175.218.0/23
5.175.225.0-5.175.232.255
5.175.235.0/24
5.175.240.0-5.175.244.255
5.175.251.0-5.175.255.255
5.230.0.0/15
77.90.0.0/18
83.243.80.0/21
85.93.0.0/19
85.118.160.0/21
87.239.128.0/21
89.106.64.0/19
89.144.0.0/18
94.103.160.0/20
94.249.128.0/17
95.215.32.0/22
178.18.144.0/20
185.13.156.0/22
185.47.140.0/23
185.47.143.0/24
185.121.71.0/24
193.28.251.0/24
195.110.14.0/23
217.69.160.0/20
IPv6:
2a00:12d8::/29
2a00:19d0::/29
2a00:cdc0::/32
2a01:bd40::/29
2a02:7a0::/29
2a02:2fc0::/29
Signature Algorithm: sha256WithRSAEncryption
8c:4f:17:18:be:92:4d:75:35:f9:20:10:ff:b5:0e:ff:fc:75:
a3:d2:bd:9d:a1:43:6e:fc:95:34:92:a6:ca:16:85:10:b7:8d:
4a:ce:30:af:f6:58:3b:7d:b8:cf:71:22:a6:e8:a5:7f:f4:c9:
b4:e4:0d:8f:7b:22:49:e7:94:ee:e6:4f:b5:00:3e:e9:f2:47:
56:a1:98:bf:85:a0:d8:79:00:87:c9:96:b2:28:a1:ea:f8:3b:
6f:72:33:f8:04:25:3e:2b:e9:1f:23:a9:9b:75:5f:ff:30:d6:
a4:f9:df:d5:3c:43:9d:25:6d:13:f4:ae:4a:9c:c7:38:50:1e:
8f:7d:61:4c:10:ef:d4:e7:13:87:04:94:a1:00:1e:1b:a1:65:
48:8e:62:e8:60:ea:e4:fd:59:ec:99:fb:26:e0:32:ab:8a:ce:
39:1d:e2:7b:e7:2c:34:e7:55:b0:56:37:82:81:f2:b2:50:28:
dd:8a:55:4a:a8:1b:44:91:f6:c7:55:4d:55:2b:f7:d4:b4:8d:
3d:8b:2a:f2:e7:f1:63:f2:8e:54:39:c1:59:3e:82:ad:89:86:
b9:c4:74:29:39:dd:81:79:54:76:a3:91:3c:d1:98:e4:e6:4f:
3e:c7:96:d2:8d:b6:5f:8a:fc:1c:72:62:8b:55:f2:61:26:2b:
84:12:01:ca
-----BEGIN CERTIFICATE-----
MIIF5zCCBM+gAwIBAgISAZVHH9L5HjUq2TwRtrYh4oCQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwMjI3MTExNzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGEzODhjZTQzYzVkYTM1ZTc3MDE1MjVjYzJmMWIyNmM1YzM0ZGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsTmTJ/YJCRMamiPF8UWBEYwcvUz+
IGjCPQ0DFKMU6JjQj3sQn3AVQ+3ell8EJZnnAW3anDbF+Wu9otxdi5VvF44MGesT
m8ykfa+YT6spdccbUniUBeTkbrlkJNNZt2AckbYOqCcUdop4fnlh76EyNSzonM87
29t/CzweDvtBxDxnn2xWsL7Cn8StqInJEfVqgCdm0qticpY2EASH4KxwPNwSOuR6
3n9CMwtiyW5qEkZWwCu4D32KVh6ckvlNzWqaGfrgVKRx0RQOdRPWU8DRlXtE6D2m
a7dHCygWKH0qcnQM3JZE4wTdCZhWMum72w7USsEXIkxy4HTT6vORA1UAbwIDAQAB
o4IC8zCCAu8wHQYDVR0OBBYEFJijiM5Dxdo153AVJcwvGybFw03MMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvbUtPSXprUEYyalhuY0JVbHpDOGJKc1hEVGN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBBwYIKwYBBQUHAQcBAf8EgfcwgfQwgb8EAgABMIG4AwQF
BVOAAwQCBa+AAwQABa+FAwQBBa/aMAwDBAAFr+EDBAAFr+gDBAAFr+swDAMEBAWv
8AMEAAWv9DALAwQABa/7AwMEBaADAwEF5gMEBk1aAAMEA1PzUAMEBVVdAAMEA1V2
oAMEA1fvgAMEBVlqQAMEBlmQAAMEBF5noAMEB175gAMEAl/XIAMEBLISkAMEArkN
nAMEAbkvjAMEALkvjwMEALl5RwMEAMEc+wMEAcNuDgMEBNlFoDAwBAIAAjAqAwUD
KgAS2AMFAyoAGdADBQAqAM3AAwUDKgG9QAMFAyoCB6ADBQMqAi/AMA0GCSqGSIb3
DQEBCwUAA4IBAQCMTxcYvpJNdTX5IBD/tQ7//HWj0r2doUNu/JU0kqbKFoUQt41K
zjCv9lg7fbjPcSKm6KV/9Mm05A2PeyJJ55Tu5k+1AD7p8kdWoZi/haDYeQCHyZay
KKHq+DtvcjP4BCU+K+kfI6mbdV//MNak+d/VPEOdJW0T9K5KnMc4UB6PfWFMEO/U
5xOHBJShAB4boWVIjmLoYOrk/Vnsmfsm4DKris45HeJ75yw051WwVjeCgfKyUCjd
ilVKqBtEkfbHVU1VK/fUtI09iyry5/Fj8o5UOcFZPoKtiYa5xHQpOd2BeVR2o5E8
0Zjk5k8+x5bSjbZfivwccmKLVfJhJiuEEgHK
-----END CERTIFICATE-----
Generated at Sat Apr 12 02:30:22 2025 by rpki-client